_clsUpload.asp

What does this file do?

The _clsUpload.asp file contains VBScript classes and functions which 20/20 DataShed uses to provide file "upload" capability. This is a pure-ASP utility and 3rd-party components are not required.

The _clsUpload.asp file contains two VBScript classes:

These classes and their related properties and methods provide a fast, reliable, and convenient interface for uploading and saving files through a web browser to the web server. These objects are modelled after similar scripts that are well-documented and found on the internet. One of earliest authors to create a pure-ASP upload utility that we are aware of is Lewis Moten; however this script is quite different from his (and others) earlier models. Our version contains improvements such as:

Note that we have packaged this code into a standalone script for use in any ASP file and it can be downloaded from our web site for free. Instructions to implement this utility in your own ASP scripts is included in the downloadable package.

Permissions and Security

Server

This file may inherit the permissions from its parent folder; but also requires that the IUSR_<localmachinename> (or equivalent) user account have NTFS permissions to read the file.

For comprehensive NTFS file and folder permission settings please see File/Folder Security (NTFS Permissions).

Internal

The contents and features of this file is available only to the files in the administrative area (the sub folder) of 20/20 DataShed and all such files are protected by username and password authentication through the 20/20 DataShed login console.

20/20 DataShed saves all uploaded files to the uploads folder and utilizes the "RestrictFileExtension" property to ensure that malicious file types are not uploaded to the web server.

File types that are allowed by 20/20 DataShed are: TXT, RTF, INC, HTML, HTM, JPG, JPEG, GIF, BMP, PNG, TIFF, TIF, EPS, PSD, PS, MOV, MPG, MPEG, AVI, RAM, WMF, RM, MP3, AIFF, WAV, MUS, MID, RMF, PD, PDF, DOC, PUB, XLS, MDB, PPT, WMV, WMA, DXF, 3DS, AC, ASF, ASX, AU, WPD, KMZ, KML, ASC, ANS, TAB, CVS.

How to Maintain

This file does not require maintenance.

Included In (Files)

This file is made available to ASP scripts in the administrative area (the sub folder) of 20/20 DataShed which require an "upload" interface. Specifically it is included (via SSI) in the following:

Inherits (Files)

None.

Other Features

Complete Object Reference: clsUpload

The clsUpload object contains public functions and methods which enable you to upload and save files to a web server using pure VBScript.

Properties

Files
Read only
Data Type: Dictionary Collection
Syntax: object.Files
Returns a Files collection consisting of all the File objects parsed from the HTTP header.
More information about manipulating Dictionary objects can be viewed at www.devguru.com.
Form
Read only
Data Type: Dictionary Collection
Syntax: object.Form
Returns a Forms collection consisting of all the Form objects parsed from the HTTP header.
This collection contains all the HTML form elements which are not "Files"
This collection should be used instead of the typical "request.form" method to access data from the other form elements (if you decide to combine "file" upload elements with other form element types, like checkboxes, text boxes, drop-down lists, textareas). Why? Because the form data is posted using "multipart/form-data" encoding (and needs to be retrieved like binary data instead of text data) and therefore the typical "request.form" method isn't effective.
More information about manipulating Dictionary objects can be viewed at www.devguru.com.
RestrictFileExtensions
Read/Write
Data Type: Boolean (True or False).
Syntax: object.RestrictFileExtensions = [ True | False ]
This property sets or returns a boolean value.
True signifies that the object should compare the uploaded files to the "SafeFileExtensions" property (and decline the upload if the file extension is not considered safe).
False signifies that no restrictions should be imposed on file extensions.
SafeFileExtensions
Read/Write
Data Type: An emtpy string or a pipe-delimited list of file extensions (in lower-case). Note: the "pipe" is the vertical-bar on your keyboard: |.
Syntax: object.SafeFileExtensions = "txt|html|gif|jpg"
This property sets or returns either an empty string or a pipe-delimited list of file extensions (in lower-case) that are considered "safe" to upload if the "RestrictFileExtentions" property is set to True.
If the "RestrictFileExtentions" property is set to False, then the "SafeFileExtensions" property will have no effect (it will be ignored).
TotalBytes
Read only
Data Type: Long
Syntax: lngTotalBytes = object.TotalBytes
Returns a long (number) value representing the total size of the HTTP header.
Defaults to zero (0).

Methods

Upload
Syntax: object.Upload TargetPath
Returns a boolean value: True indicates that the upload was successful; False indicates that the upload was not successful. If False, then the ASP error object, "Err", can be used to retrieve the details of the error.

Events

Initialize
Syntax:
dim objUpload
set objUpload = New clsUpload
When the object is instantiated, this happens:
Terminate
Syntax:
set objUpload = nothing
When the object is terminated, this happens:

Complete Object Reference: File

Multiple files can be uploaded simultaneously. A "clsUploadedFile" object is created by clsUpload for each file-blob that is uploaded -- each clsUploadedFile object corresponds to a "File" item in the "Files" collection is accessible through the clsUpload.Files dictionary collection.

In other words, once your files are uploaded, you can manipulate them with the following properties and methods.

Note: if "RestrictFileExtensions" is True, then only "Safe" files will be available in the "File" collection. This means that if you upload a file, then if the UploadObject.Files.Count property is zero (0), then you can conclude that the file extension was rejected.

Properties

ContentType
Read/Write
Data Type: String
Syntax: FileObject.ContentType
Sets or returns a string representing the content type of the file blob. Example: "image/gif" or "text/plain"
This property is set automatically when the clsUpload.Upload method is called but can be altered prior to saving the file blob to the web server's hard drive.
It is usually impractical to alter this property and should be treated as Read-only.
Data
Read/Write
Data Type: Binary
Syntax: FileObject.Data
Sets or returns the binary data contained in each file blob.
This property is set automatically when the clsUpload.Upload method is called but can be altered prior to saving the file blob to the web server's hard drive.
It is usually impractical to alter this property and should be treated as Read-only.
FileExists
Read only
Data Type: Boolean (True or False).
Syntax: FileObject.FileExists
Returns a boolean value. True signifies that a file of the same filename already exists on the hard drive at this "UploadPath" -- if the script proceeds with the .Save() method, then the existing file will be overwritten. False signifies that no files exists at this "UploadPath" with this filename.
FileName
Read/Write
Data Type: String
Syntax: FileObject.FileName = strFileName
Sets or returns the file name for each file blob.
This property is set automatically when the clsUpload.Upload method is called but can be altered prior to saving the file blob to the web server's hard drive.
FolderExists
Read only
Data Type: Boolean (True or False).
Syntax: FileObject.FolderExists
Returns a boolean value. True signifies that that "UploadPath" exists on the hard drive. False signifies that the "UploadPath" does not exist -- if the script proceeds with the .Save() method, then the function will fail. The folder must exist prior to calling the .Save() method.
Size
Read only
Data Type: Long
Syntax: FileObject.Size
Returns a long (number) representing the total length of the file blob (i.e. the file size).
UploadPath
Read/Write
Data Type: String
Syntax: FileObject.UploadPath = TargetPath
Sets or returns the target path for saving each file blob to disk.
This property is set automatically when the clsUpload.Upload method is called but can be altered prior to saving the file blob to the web server's hard drive.

Methods

BuildPath
Syntax: FileObject.BuildPath
Returns a string representing a path.
This method is used internally by the clsUploadedFile object and mimics the behaviour of the FileSystemObject.BuildPath(UploadPath,FileName) method.
To alter this value you must first change either the UploadPath or FileName properties of this File object, then call this method to build a new path string using those new values.
Save
Syntax: FileObject.Save
Saves the file blob to disk at the UploadPath and with the current FileName. Returns a boolean indicating whether the process was successful.
This method should be called after appropriate measures have been taken to ensure that this file blob carries an appropriate FileName and that the folder exists.
This method must be called for each File object.
No error handling is built-in. So, you will immediately see an error message if this process fails so that you can take appropriate action (fix permissions, check that the folder exists). Therefore it's best if you use other methods and properties to ensure that the .Save() method will succeed.

Events

Initialize
New clsUploadedFile objects are created automatically when the clsUpload.Upload method is called -- they do not have to be created explicitly.
When the object is instantiated, the UploadPath property is set to the current folder.
Terminate
The object is destroyed.

How to Customize

This file cannot be customized.

Warning

If you must access this file using another product or software, then do so at your own risk; such activity is not supported by our license agreement and may void 20/20 Application's technical support obligations.

Related topics

© 2005 - 2007 20/20 Applications. All rights reserved.